Password reset

Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE
Tue Aug 21 17:33:01 2001

David Shaw <> writes:

> Oh, yes, the implementation may make decisions, but the local user
> always has control.
There is nothing in RFC 2440 which mandates the possibility of user interaction.
> The user always has control.
This might be true for GnuPG running on a general-purpose computer, but for embedded applications, it is not. Of course, most embedded crypto applications use X.509, PKCS somehting, and so on (perhaps with some proprietary extensions), but there's nothing which would prevent people from using OpenPGP instead, at least in theory. -- Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE University of Stuttgart RUS-CERT +49-711-685-5973/fax +49-711-685-5898